Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-01-25 | fold in next changes entriestor-0.2.2.22-alpha | Roger Dingledine | |
2011-01-25 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
2011-01-25 | Tell which geoip file we're parsing | Sebastian Hahn | |
2011-01-25 | Fix assert for relay/bridge state change | Sebastian Hahn | |
When we added support for separate client tls certs on bridges in a2bb0bfdd5 we forgot to correctly initialize this when changing from relay to bridge or vice versa while Tor is running. Fix that by always initializing keys when the state changes. Fixes bug 2433. | |||
2011-01-25 | bump to 0.2.2.22-alpha | Roger Dingledine | |
2011-01-24 | fold in changelog entries | Roger Dingledine | |
2011-01-24 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
2011-01-24 | Make the DH parameter we use for TLS match the one from Apache's mod_ssl | Nick Mathewson | |
Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance. | |||
2011-01-20 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
2011-01-20 | Merge remote branch 'rransom/policy_summarize-assert' into maint-0.2.1 | Nick Mathewson | |
2011-01-20 | Fix bounds-checking in policy_summarize | Robert Ransom | |
Found by piebeer. | |||
2011-01-19 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
2011-01-19 | Oops; actually add the code to the last patch. :/ | Nick Mathewson | |
2011-01-19 | Fix two more SIZE_T_CEILING issues | Nick Mathewson | |
This patch imposes (very long) limits on the length of a line in a directory document, and on the length of a certificate. I don't think it should actually be possible to overrun these remotely, since we already impose a maximum size on any directory object we're downloading, but a little defensive programming never hurt anybody. Roger emailed me that doorss reported these on IRC, but nobody seems to have put them on the bugtracker. | |||
2011-01-18 | fix 0.2.2 changelog to match 0.2.1 | Roger Dingledine | |
2011-01-18 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
2011-01-18 | Merge branch 'maint-0.2.1' into maint-0.2.2 | Roger Dingledine | |
2011-01-18 | be the winner, rewrite history | Roger Dingledine | |
2011-01-15 | fold in another set of changestor-0.2.2.21-alpha | Roger Dingledine | |
2011-01-15 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
2011-01-15 | Merge commit 'sebastian/bug2317' into maint-0.2.2 | Roger Dingledine | |
2011-01-15 | add in missing changelog entries | Roger Dingledine | |
2011-01-15 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
2011-01-15 | Merge branch 'maint-0.2.1' into maint-0.2.2 | Roger Dingledine | |
2011-01-15 | 0.2.1.29 changelog and blurb | Roger Dingledine | |
2011-01-15 | fold in more changes entries | Roger Dingledine | |
2011-01-15 | repeat overlapping changelog entries | Roger Dingledine | |
2011-01-15 | bump to 0.2.2.21-alpha | Roger Dingledine | |
2011-01-15 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
2011-01-15 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
2011-01-15 | Fix a couple of non-cleared key issues in hidden services | Nick Mathewson | |
we need to do more hunting, but this fixes the ones mentioned in 2385. | |||
2011-01-15 | Zero out some more key data before freeing it | Nick Mathewson | |
Found by cypherpunks; fixes bug 2384. | |||
2011-01-15 | Update the spec with the new bounds | Sebastian Hahn | |
2011-01-15 | Tighten accepted circwindow parameters | Sebastian Hahn | |
Based on discussion in bug 2317, these values seem to be sane. | |||
2011-01-15 | Provide constant limits for all consensus params | Sebastian Hahn | |
This addresses Nick's concern about doing non-constant bounds checking inside networkstatus_get_param(). | |||
2011-01-15 | Fix a typo spotted by Roger | Sebastian Hahn | |
2011-01-15 | Sanity-check consensus param values | Sebastian Hahn | |
We need to make sure that the worst thing that a weird consensus param can do to us is to break our Tor (and only if the other Tors are reliably broken in the same way) so that the majority of directory authorities can't pull any attacks that are worse than the DoS that they can trigger by simply shutting down. One of these worse things was the cbtnummodes parameter, which could lead to heap corruption on some systems if the value was sufficiently large. This commit fixes this particular issue and also introduces sanity checking for all consensus parameters. | |||
2011-01-15 | Make get_net_param_from_list() static | Sebastian Hahn | |
This prepares for making the accessor method for consensus parameters safer in the next commit. | |||
2011-01-15 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
Conflicts: src/or/routerparse.c src/or/test.c | |||
2011-01-15 | Merge branch 'bug2352_obsize' into maint-0.2.1 | Nick Mathewson | |
2011-01-15 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
2011-01-15 | Add missing check for hostname answer_len in dnsserv size | Nick Mathewson | |
This is checked elsewhere too, but let's be RFC-conformant. | |||
2011-01-15 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
2011-01-15 | Merge branch 'bug2332_part2' into maint-0.2.1 | Nick Mathewson | |
2011-01-15 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
2011-01-15 | Merge branch 'bug2324_uncompress' into maint-0.2.1 | Nick Mathewson | |
2011-01-15 | clean up message; explain a magic number in a comment | Nick Mathewson | |
2011-01-15 | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
Conflicts: src/or/config.c src/or/networkstatus.c src/or/rendcommon.c src/or/routerparse.c src/or/test.c | |||
2011-01-15 | make the description of tolen_asserts more dire | Nick Mathewson | |
We have a CVE # for this bug. | |||
2011-01-15 | Fix a heap overflow found by debuger, and make it harder to make that ↵ | Nick Mathewson | |
mistake again Our public key functions assumed that they were always writing into a large enough buffer. In one case, they weren't. (Incorporates fixes from sebastian) |